wiki/infrastructure.md

---
title: Infrastructure
description: The hardware and software powering it all
published: true
date: 2019-06-29T19:10:36.767Z
tags:
---
# Basic overview
- Entry point to the network is a Linksys WRT1200AC
- Main server is an HP DL380 G6
- File server is a custom Intel SC5000 BASE
# Router
Self-assigned WAN IP address, easily probed via our true domain `fosc.etsit.upct.es`.

Running the latest OpenWrt trunk, updated every handful of weeks.

Performance can be viewed at:
[router.fosc.space](https://router.fosc.space)
# Main Server
Its hostname is just `fosc`.

Runs NixOS with some nice configs and acts as a Docker server. As usual for NixOS, it is configured from .nix files in `/etc/nixos`.

These configs are not intended to be touched by mortals, but can be seen by members so they can help in home server setups.

An extensive docker-compose setup is present at `/var/docker/`.
Go there if you have been given access to deploy a stack.
## RAID setup
NixOS boots from an independent 250GB f2fs SSD.
Real storage is available in a ZFS "RAID10" composed of the 4 mechanical disks. Due to RAID card annoyances, replacing a disk requires a reboot (and probably more intervention).
```
  pool: tank
 state: ONLINE
  scan: scrub repaired 0B in 0 days 00:10:44 with 0 errors on Mon Jun 3 13:53:46 2019
config:

    NAME                                        STATE     READ WRITE CKSUM
    tank                                        ONLINE       0     0     0
      mirror-0                                  ONLINE       0     0     0
        scsi-3600508b1001c2d61e4e90873322fc373  ONLINE       0     0     0
        scsi-3600508b1001cbb53e902f820f105614f  ONLINE       0     0     0
      mirror-1                                  ONLINE       0     0     0
        scsi-3600508b1001cdacdaa62eca0df4ed607  ONLINE       0     0     0
        scsi-3600508b1001cfd528529622e93c7f74f  ONLINE       0     0     0

errors: No known data errors
```
## Traefik
SSL terminator / HTTP proxy for the network. It hogs ports 80 and 443 (among others) and serves different web pages based on the requested domain.

All HTTP(S) services must be accessed through this proxy.
## Long term storage
Files served by the web servers and backups are stored at `/mnt/gordo`
## Backups
Backups occur weekly at `04:00` using the `restic` software.
The encryption key has been shared among the head members.
# File Server
> This server is currently out of commission. Backups have been taken to offline disks.
{.is-danger}

As you would have expected, its hostname is `gordo`.

Also runs NixOS, using a simpler configuration than the main server.

Its primary function is running an NFS server and being a torrent seedbox. It also has a dormant traefik+docker setup, ready to replace the main server in case of emergency.
## RAID setup
Three 1TB SATA disks in raidz (RAID5). The first disk seen by the BIOS contains the GRUB bootloader and a small boot partition, in addition to one of the three ZFS partitions.

The pool survives only one failed disk at a time. Be careful out there.
```
  pool: tank
 state: ONLINE
  scan: scrub in progress since Wed Jun 12 16:44:20 2019
        584G scanned at 406M/s, 209G issued at 146M/s, 959G total
        0B repaired, 21.84% done, 0 days 01:27:43 to go
config:

    NAME                                 STATE     READ WRITE CKSUM
    tank                                 ONLINE       0     0     0
      raidz1-0                           ONLINE       0     0     0
        ata-ST31000528AS_9VP0TRE9        ONLINE       0     0     0
        ata-ST31000528AS_9VP0TRYB        ONLINE       0     0     0
        ata-ST31000528AS_9VP0TS1L-part3  ONLINE       0     0     0

errors: No known data errors
```
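
An added example (not part of the original wiki or its configs): a Python check that parses `zpool status` output like the listings in both RAID setup sections and reports, per vdev, how many more disks can fail before data is lost. It assumes a pool built only from mirror and raidz vdevs; the sample input, disk names and function names are constructed for illustration.

```python
import re

# Constructed sample in `zpool status` layout: a raidz1 pool with one faulted disk.
SAMPLE = """\
  pool: tank
 state: DEGRADED
config:

    NAME            STATE     READ WRITE CKSUM
    tank            DEGRADED     0     0     0
      raidz1-0      DEGRADED     0     0     0
        disk-a      ONLINE       0     0     0
        disk-b      FAULTED      0     0     0
        disk-c      ONLINE       0     0     0

errors: No known data errors
"""

VDEV = re.compile(r"^(mirror|raidz[123]?)-\d+$")
BAD = {"DEGRADED", "FAULTED", "OFFLINE", "UNAVAIL", "REMOVED"}

def parse_vdevs(status_text):
    """Return [{'name', 'kind', 'disks': [(name, state), ...]}] from the config table.
    Matches on vdev names, not indentation, so flattened output parses too."""
    vdevs, in_table = [], False
    for line in status_text.splitlines():
        fields = line.split()
        if fields[:2] == ["NAME", "STATE"]:
            in_table = True                # rows start on the next line
        elif in_table:
            if len(fields) < 2 or fields[0] == "errors:":
                break                      # blank line, logs/cache/spares, or footer
            match = VDEV.match(fields[0])
            if match:
                vdevs.append({"name": fields[0], "kind": match.group(1), "disks": []})
            elif vdevs:                    # leaf disk; the pool row is skipped (no vdev open yet)
                vdevs[-1]["disks"].append((fields[0], fields[1]))
    return vdevs

def redundancy_report(status_text):
    """Map vdev name -> disks that may still fail before data loss (negative = already lost)."""
    report = {}
    for v in parse_vdevs(status_text):
        failed = sum(state in BAD for _, state in v["disks"])
        kind, n = v["kind"], len(v["disks"])
        # An n-way mirror tolerates n-1 failures; raidzN tolerates N.
        tolerance = n - 1 if kind == "mirror" else int(kind[5:] or 1)
        report[v["name"]] = tolerance - failed
    return report
```

A result of `0` for any vdev means the next disk failure loses the pool, which is the point at which a replacement should already be under way.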